Month: August 2012

Both the democrats and republicans are starting to feel pressure from divided constituencies inside their own tent. The split seems to be along moral/money lines. Conservative/liberal is a pretty good label for social values, but a pretty terrible one for fiscal ones. When you call someone liberal or conservative, what does that mean? Are gay members of the military conservative or liberal? What about a pro-life democrat? Should black millionaires vote for Obama or Romney? Clearly, the liberal/conservative label is almost as useless as the republican/democrat label. Practically speaking, those are the only two parties we have though. What if that changed?

For a while now, democrats have generally been for broader use of government power in social programs than republicans. More recently, both parties have been hijacked by moral platforms that significant parts of the party do not approve of. Conservative Christians have a lot of control over the republican party moral platform and this makes a lot of the more tolerant/liberal people inside the party uneasy (see Ron Paul and his supporters). In the same vein, the democratic party is also the party of minorities. Black and Latino voters tend to be more socially conservative than the typical white democrat. Close to 40% of democrats don’t approve of Obama’s support for gay marriage.

Clearly, as long as the government is in charge of both money matters as well as values, both the democratic and republican parties are going to confuse and come up short for a lot of people. If parties have to align along two axes (only… I’ll get to a third one in a bit), 2 isn’t going to cut it, we need four. Here’s how I’d break the current parties down:

1) A group that wants less government money spent on social programs and is socially conservative. This is the current popular view of republicans.

2) A group that wants less government money spent on social programs and is socially liberal. This includes gay republicans and republicans that are just tolerant of different kinds of people.

3) A group that wants a lot of money to be spent on government programs and is socially liberal. This is the stereotypical white democrat.

4) A group that wants a lot of money to be spent on government programs and is socially conservative. This is going to include a lot of religious democrats and that includes a large number of blacks and latinos.

You’ll notice that I didn’t mention the military or foreign policy. That’s because both parties are so similar in that regard that I have trouble telling them apart nowadays. There are of course more than two axes, things like abortion, immigration, and the drug war are all possible single issue voter concerns. Currently, groups 1,2 and 3,4 are supposed to come together at their conventions and hammer out platforms that they will agree to. We then have two parties in DC that do battle. I don’t think I’m alone in thinking that a lot gets lost in that process. I would much rather have all 4 groups present in DC. It can be argued that they already are, different states, and different congressional districts have different breakdowns on the social/liberal continuum. The problem is that all of them are still beholden to the machinations of the main parties political influence. The RNC and DNC hold big purse strings and make people they support toe the company line. I think it would be much more useful and representative if these groups could be on their own and form floating coalitions on a bill by bill basis. The current atmosphere of having to score points against the other team is marginalizing too many people’s interests.

There is another axis that isn’t discussed nearly as much as it should be and that is the idea of how much control you are comfortable giving the government. This is the axis that libertarians get screwed on. While self described libertarians obsess over this, republicans take it as ancillary to how much they get taxed and democrats typically don’t notice until it gets to a ridiculous point. Many libertarians point out that a lot of the culture wars would go away if the government didn’t try to legislate morals or be involved in people’s personal affairs. The two core things about libertarians that are routinely glossed over are peace and tolerance. Tolerance doesn’t mean you have to approve of what other people do in their own lives, but it does mean that you allow them to do it. If the parties adopted a live and let live attitude instead of legislating values, we could then concentrate on money matters.

All of this is pie in the sky thinking of course. I do think that if this split came about and caused distinct parties that more or less shared power, we would have a much more representative government. The two party system tends to flatten differences out between people that happen to have a loose connection on fiscal matters. My more libertarian suggestion is to simply remove the moral aspect out of laws, but the 4 party system would be a step in the right direction.

We all know that Facebook is free. I mean, it is free, right? On the other hand, we all also have that kind of unsettling feeling that they are doing something with our online identities. Facebook is what made the question, “Why are they showing me this ad?” a common one. We never thought about it on TV or radio but we all have a sense that they are looking at us and targeting specific ads towards us. They’re sometimes way off of course but that is their game plan. There is also the worry about what other companies they are allowing to look at us.

It’s a tradeoff. Facebook has to be paid for somehow. All of the programmers, the servers, the IT guys, the bandwidth, none of it comes for free. Just like radio and TV before it, Facebook decided to go with ads to support the site. TV and radio ads are annoying, but they don’t have the creepy factor that social media sites do. The TV can’t know who your friends are and what all of you like.

So if you don’t like the way Facebook uses our information, would you be willing to pay them directly instead?

I routinely pay for content so that I don’t get ads. It helps that I really only follow one tv show, Dr. Who. I don’t watch it on TV anymore, BBC America is just brutal with the ads. The show is chopped up enough to make it annoying. Instead, I watch it a day later when I can download it from iTunes. No ads, no interruptions.

I also subscribe to several music services. Slacker Radio, LastFM, Spotify, and Amazon Play all cost me money, but it also means that I get to listen to the music I want, when I want it, the way I want it, without ads. Nowadays, I can’t sit through FM radio and network TV. I do the same for apps, I buy them whenever I can to avoid the ads.

App.net is an attempt to bring a paid experience to social networking. You pay them directly and you get the service with no ads and no usage of your information. Almost everything I’ve read says that it is trying to be Twitter so it is bound to fail because it doesn’t have the numbers that Twitter has to make it a viable service. It’s true that the current Alpha release (a release that is not meant for general use, it is for demonstration only. Traditionally software goes through an additional Beta phase before being deemed fit for end users) looks like Twitter but as GigaOm has pointed out, the goal is to be a platform and not just a Twitter competitor. As a platform, app.net could then be used by other application writers to access it and do some amazing things with it including expanding the social aspect of it.

The minimum buy in fee was $50. That would allow you to secure your desired user name plus give you a year’s worth of time on it. Some of my friends have balked at the price and I had to think about it. I realized that I pay that (and more) to other services without even thinking about it. If this takes off, would you be willing to pay 4.25 a month for a social experience that isn’t interested in selling you? That made my decision for me. My handle is IsaacC.

There are plenty of other types of paid vs. free experiences on the web and on our devices. Apps, web development sites, photo galleries, even blogs! Not sure why something like social networking couldn’t be the same. Has anyone else ever tried this? I know of services that are private social sites, but app.net is trying to scale to allow anyone to interact with anyone else if they wanted. I wish them luck and I’m excited to see what developers can do with this platform.

It’s official, I’ll be doing at least another month of physical therapy. I finally feel some muscles where I didn’t have any before, but my stamina just isn’t there. Certainly not enough for a whole day’s worth. It could be worse really. I am seeing some improvement, now we just need to speed that up.

Yes, I’m a geek, I know that! I installed some power line adaptors the other day to get a wired connection for my Apple TV. It had the desired effect, streams are now faster and more consistent. My long term plan was to also set up another wireless router up there to give better wireless performance. I hemmed and hawed over this since the existing wifi signal was OK. But you know me… More speed!

Turns out it was totally worth what the airport express cost me. I am shocked at how much faster everything is. Here’s how I have it set up; I run an ethernet cable from the power line adaptor to a switch, from there I have ethernet running to both the Apple TV and the airport express. The AE is in bridge mode so that it is just acting as a wifi access point without doing any routing of signals. Looking at the wifi signal strength, I gained 1 bar. Subjectively, it feels much faster than before. The other thing that has changed dramatically is mirroring from the iPad to the TV via Apple TV. Lots better.

I had thought it was a good idea to hard wire everything when you can, glad this agreed with me.

Mat Honan was the victim of a rather vicious hack. It resulted in the erasure of his iPhone, iPad, his Mac, and his Gmail account. It was accomplished through a combination of social engineering (a hacker term for fooling people to obtain important information), personal complacence, and the ability to obtain disparate pieces of information that by themselves are harmless but together can be used to exploit security systems.

Honan compounded the problem by not having a backup of his computer (an unforgivable sin for a tech blogger). he lost a ton of pictures and other information when his Mac got wiped. He also helped the hacker by doing some things that made it easy to jump from account to account. Unfortunately, those things are incredibly common practices with the public at large.

His misfortune made me reexamine my own security habits. Some of the things that happened were behind his control. Both of the companies involved with the social engineering aspects are in the process of addressing that angle. He could have prevented a lot of the other things with just a few tweaks but those involve work and most of us lean towards convenience instead of security. So what could he have done, and what should I do?

There are several types of security exploits that I know of. It is possible to have a key logger or other surveillance software installed on your machine and a cracker could then directly access your information. It’s also possible to have a directed social engineering attack like Honan did. Both of those exploits usually require someone wanting specific information from you. These are the kinds of things that the FBI might do to get information on a suspect. In Honan’s case, they were after his Twitter account.

The things that regular folks need to worry about are theft of their devices and online services being hacked and exposing their information. Obviously, if a thief has your computer, phone, or iPad, they could potentially do all sorts of damage. Luckily, most thieves are much more interested in selling the device and will therefore promptly erase it. Plus, I would imagine it would be a little more difficult to find buyers of information than devices.

Ideally, if a service gets hacked it would only affect that particular service. The real problem is that so many people use the same password for so many things. If someone gets your email address and a password, it wouldn’t be too difficult to try other services. Hell, they may not have to try if you use the same password for your email. They could just read through your emails and see what services you use.

So that’s lesson #1, use different passwords. Yes, I know, it’s a total pain, but it is necessary. There are a number of ways to organize and maintain all of the different passwords we have. I use 1Password, a well known password manager and generator. Other people keep a file of their passwords (encrypt it!) and others resort to writing them down. The main point is to start using different passwords, just start doing it.

So OK, you have different passwords for everything, but so did Honan. What happened? The weak point is your email. Every online service that I know of will send you an email to reset your password. If someone gets into the email you use for services, you are done. It is super easy to reset passwords to lock you out of not only your email but also all of your services. Think Facebook, Twitter, banking, credit cards, brokerage, the whole 9 yards. If there’s one thing you have to concentrate on securing, it is your email. How do you do that?

Obviously, a good password is a good start. Honan freely admits that if he had a feature called two step authorization activated on Gmail he could have avoided a lot of subsequent damage. If you have that turned on, signing into Gmail from another machine will require a code that is texted to your phone. A hacker would have to have your password and your phone to get into your email account. Clearly, that is much more secure.

There is usually a tradeoff between security and convenience. The more secure something is, the more difficult it is to get into it. Makes sense really. That’s the trade off, two step verification is much more secure, but it becomes problematic if you have a lot of apps that make use of your Google information. Apps typically can’t deal with two step verification so Google generates special passwords for each app. In my case, that involved 12 different passwords spread across my computer, iPhone, iPad, and Apple TV. Still, once you put it in, it will stay there.

One thing you shouldn’t overlook is that securing your email from hackers makes it really tough for them to get to it. It could conceivably make it hard, or impossible for you to get into it as well! I can envisage a situation where I would not be able to get into my own account and therefore wouldn’t be able to access a lot of other things as well. If I didn’t have one of my own devices at hand, including my phone, I wouldn’t be able to log into my own account. Google does provide you with a list of passwords that can be printed out for absolute emergencies. It’s an important key so take care of it!

So this is what I have done so far in reaction to the massive hack of Honan. I have gone through and made much more secure passwords for all of the online services that are important. I will update others like online forums as I come across them. I have enabled two step verification on my main Gmail account. I have three others left to do but they aren’t used for anything facing the web. I need to activate two step verification on them and Facebook. I also need to make secure passwords for my iPhone and iPad. It would be silly to go through all of this just to have someone take one of them (again) and have direct access to my email.

I’m only really truly worried about someone stealing my devices or a hack of one of the services I use. The two step verification is for piece of mind. It’s nice to know that the lynchpin is locked down really well. Having different passwords will most likely prevent a breech of any of my other services. It has made things slightly less convenient but the tradeoff is worth it to me.

UPDATE:

OK, the secure password on my iPad and iPhone simply isn’t working. Typing in a 15 digit password every time I pick up them up is just not acceptable. I realized that I have the ability to erase these things remotely so all I need is a little time if they get stolen. I have a better password than the default 4 digit option that is offered, but it isn’t super long. I think that’s a good compromise.